Recent Posts
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
- Third Amazon gTLD launch dates revealed
- .TOP promises to play nice on DNS abuse
- Court denies ICANN’s #MeToo “cover up” attempt
- Launch dates for two more Amazon gTLDs revealed
- An end to “Club Med for geeks” ICANN?
- Some people paid premiums for .hot domain hacks
- .io questions in sharp focus as UK signs Chagos treaty
- Big .gdn registrar at risk
- ICANN “reaffirms its commitment to diversity and inclusion”
- ICANN kills off diversity and inclusion
- Kaufmann picked for ICANN board
- Conflicted? STFU under new ICANN rules
- .hot is for hookers? Amazon’s first premium regs revealed
- Gname adds another 200 registrars
- New Pope’s .com domain was registered the day Francis died
- Two deadbeat registrars get their ICANN marching orders
- DotMusic has sold a lot of names, but not many are turned on
- .med is a deeply weird gTLD, but it wants to be more normal
- ICANN cuts off money to UASG
- Web.com getting dumped
- .es and .pt riding out massive power outage
- .com is back as Verisign discounts bear fruit
- Dot-brand actually being used to get deleted
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
Unanimous support for new ICANN appeals process
The Generic Names Supporting Organization has issued an “unprecedented” statement of “unanimous” support for a new way for ICANN community members to appeal ICANN decisions.
All seven constituency groups signed onto a statement that was read by representatives of registries, non-commercial users and intellectual property interests at the ICANN 50 public forum last week.
“It only took us 50 meetings, but I think the rarity of what you’re witnessing this afternoon sends a very strong message about our views,” the Registries Stakeholder Group’s Keith Drazek said.
This is the meat of the demand:
The entire GNSO joins together today calling for the Board to support community creation of an independent accountability mechanism that provides meaningful review and adequate redress for those harmed by ICANN action or inaction in contravention of an agreed upon compact with the community.
Rafik Dammak of the Non-Commercial Users Constituency added that the creation of such a mechanism is “a necessary and integral element of the IANA stewardship transition.”
“The Board’s decisions must be open to challenge and the Board cannot be in a position of reviewing and certifying its own decisions,” he said.
“We need an independent accountability structure that holds the ICANN Board, Staff, and various stakeholder groups accountable under ICANN’s governing documents, serves as an ultimate review of Board/Staff decisions,” said Kristina Rosette of the Intellectual Property Constituency.
What they’re basically looking for is a third way to appeal ICANN decisions beyond the existing Independent Review Process and Request for Reconsideration mechanisms.
IRP is considered too time-consuming and expensive for anyone other than well-funded commercial stakeholders. It cost ICM Registry millions in legal fees to win its IRP in 2010.
RfR, meanwhile, sees the ICANN board review its own decisions, and is only successful (in 15 years it’s only happened once, a week ago) when a requester can bring new evidence to the table.
What the GNSO seems to be looking for is a third way — independent review of ICANN decisions that doesn’t cost a bomb and can be used to reexamine decisions on the merits.
In many ways the demand represents the low-hanging fruit of the amorphous “accountability” discussion that took place at length at the London meeting last week.
ICANN accountability is being examined simultaneously with the proposed transition of the IANA stewardship functions from the US Department of Commerce to a yet-undefined mechanism.
There seems to be broad community consensus that the transition should be linked to improvements in accountability.
During the “constituency day” sessions on Tuesday, during which the ICANN board visits in turn with each GNSO constituency, accountability was the theme common to each and every session.
Time and again, CEO Fadi Chehade pushed the constituency he was addressing to provide some specifics.
“What is accountability and how accountable are we today?” he asked the RySG. “Who are we accountable to for what? We need to get precise before you ask us to answer a question that says when you finish accountability, then you can move to the transition.”
The GNSO statement two days later, which still needs fleshing out with details, appears to be the first step toward providing the precision Chehade wants.
Chehade said multiple times that the accountability review and the IANA transition discussions are “interrelated” but not “interdependent.”
If one were dependent on the other, it would be easier for opponents to stonewall the IANA transition by delaying the accountability review, he said.
“There are people in this community would like the transition from the US government to never happen,” he told the RySG. “They won’t admit it, but there are several, in this room even, who want this to never happen.”
He later told the NCUC that these bogeymen were “not in this room”, highlighting perhaps his belief that one or more gTLD registries is preparing to throw a spanner in the works.
Suspicion immediately fell on Verisign, forcing Drazek to issue a separate statement at the public forum on Thursday denying that the company (his employer) opposes the transition:
VeriSign supports NTIA’s March 14th, 2014 announcement. VeriSign supports NTIA’s four key principles. VeriSign Supports the bottom-up multistakeholder process that is now under way and that we have already been very much engaged. VeriSign supports the target date of September 2015 for transition. We support these things provided the multistakeholder community recommendations for ICANN’s accountability reforms are accepted by NTIA before the final transition, and sufficiently implemented by ICANN subject to measurable deliverables.
It’s not much of a denial, really, more of a clarification of where Verisign stands and confirmation that it wants, as Chehade alluded to, accountability reform prior to the IANA transition.
In my view, accountability is the more important of these two threads.
The Department of Commerce doesn’t actually do much in terms of its hands-on role as steward of the IANA functions as they related to domain names. It merely checks that ICANN’s proper procedures have been followed before signing off on DNS root zone changes.
If sanity prevails in the ICANN community’s transition discussions (and I have no reason to believe it will) whatever replaces the US should be similarly mute and invisible.
However, Commerce’s arguably more important role has been to act as a constant Sword of Damocles, a threat that ICANN could lose its IANA powers if it goes rogue and starts acting (in the US government’s view) against the best interests of the internet community.
That’s a very crude accountability mechanism.
What ICANN needs in future is not a direct replacement of that existential threat, but a mechanism of accessible, independent third-party review that will give the ICANN community and internet users everywhere confidence that ICANN isn’t a loose cannon with its hand on the internet’s tiller.
France slams ICANN after GAC rejects special treatment for .wine
France says that “ICANN is no longer the appropriate forum to discuss Internet governance” after it failed to win support from other governments for special protections in .wine and .vin gTLDs.
The government came to ICANN 50 in London this week apparently determined to secure a Governmental Advisory Committee consensus that .wine should have protection for geographic indicators.
GIs are protected geographic terms such as “Champagne”, “Parma” and “Cheddar” that link a product to the region in which it is traditionally produced. France has a lot of wine-related GIs.
But the GAC — as I think everyone, including France, expected — failed to come to an agreement.
The GAC’s London communique (pdf) reads:
There was further discussion on the issue of .wine/.vin, but no agreement was reached because of the sensitive nature of the matter.
The matter of .wine and .vin was raised at the High Level Governmental Meeting, where some members expressed concerns in terms of ICANN’s accountability and public policy. These concerns are not shared by all members.
In the absence of a consensus GAC objection, the most likely outcome is ICANN pushing the competing .vin/.wine applicants along the contention resolution process to auction.
France has won a lot of media coverage this week, throwing out allegations such as the idea that ICANN is “opaque”, and questioning ICANN’s ability to do its job properly.
Quizzed about France’s statements at a press conference on Monday, ICANN CEO Fadi Chehade pointed out that studies have show ICANN is extremely transparent and wondered aloud whether France’s position is the one where you “scream that everything’s broken when you don’t get what you want”.
Today’s French statement is a little, but not much, more relaxed. Translated, it partially reads:
Current procedures at ICANN highlight its inability to take into account the legitimate concerns of States and to ensure common resource management in the direction of respect for cultural diversity and balance of interests in economic sectors that its decisions affect.
…
Accordingly, it will propose to its European partners and all other stakeholders to reflect on the future of Internet governance based on transparency, accountability, and equal stakeholders. Commission also believes that ICANN is no longer the appropriate forum to discuss Internet governance.
The government did, however, reiterate its support for the notion of multi-stakeholder internet governance.
French wine producers were less diplomatic. We received a statement from ANEV, the Association Nationale des Elus de la Vigne et du vin, this afternoon that called upon the French government and European Union to block all domain names that use GIs in violation of local law.
Personally, I don’t think that’s going to happen.
During an ICANN session on Monday, the French GAC rep used the .wine controversy to call for the creation of a “General Assembly” at ICANN.
I’m working from the transcript, which has been translated by ICANN into English, and some media reports, but it seems that France is thinking along the lines of an ITU-style, voting-based rather than consensus-based, approach to generating GAC advice. I may be wrong.
During Monday’s press conference, Chehade did not oppose France’s suggestions, though he was careful to point out that it would have to be approved by the whole ICANN community first (implicitly a tall order).
A vote-based GAC could well favor European Union countries, given the make-up of the GAC right now.
On the .wine issue, it’s mainly a few Anglophone nations such as the US, Canada and Australia that oppose extra GI protections.
These nations point out that the GI issue is not settled international law and is best dealt with in venues such as the World Trade Organization and the World Intellectual Property Organization.
France actually says the same thing.
But while France says that ICANN’s refusal to act on .wine jeopardizes GI talks in other fora, its opponents claim that if ICANN were to act it would jeopardize the same talks.
Chehade said during the Monday press conference that France had not yet run out of ways to challenge ICANN’s position on this, so the story probably isn’t over yet.
GAC rejects multistakeholderism, tells ICANN to ignore the GNSO
The Governmental Advisory Committee has advised ICANN to do as it’s told and stop listening to the views of other stakeholders, on the issue of protection mechanisms for the Red Cross.
In a barely believable piece of formal advice to the ICANN board this morning, part of its London communique (pdf), the GAC said:
the protections due to the Red Cross and Red Crescent terms and names should not be subjected to, or conditioned upon, a policy development process
That’s the GAC telling the ICANN board to do what the GAC says without involving the rest of the ICANN community, specifically the multi-stakeholder Generic Names Supporting Organization.
Some in the GNSO have already informally expressed their anger about this. More, and more formal, responses are expected to follow.
It’s a baffling GAC move given that most governments have spent much of the ICANN 50 meeting this week professing how much they support the multi-stakeholder model of internet governance.
Now the GAC is explicitly telling ICANN to ignore anyone that isn’t the GAC, on this particular issue.
That’s unprecedented, though many would say that GAC statements often sound like the existence of other advisory committees and supporting organizations is little more than an annoyance to members.
During a meeting between the ICANN board and the GAC on Tuesday, UK GAC member Mark Carvell expressed some of that frustration, saying ICANN’s approach to the issue has been “completely unacceptable”.
Carvell said:
we’re talking about names that are protected under international law and implemented in national legislation
So, for example, if you go down Pride Street around the corner, you won’t find Red Cross Burgers. You won’t find Patisserie Croix Rouge in Paris anywhere, or in London, indeed, because it’s against the law to use those names.
So the response that we’ve had from the Board is equating these names to trademarks by referring to the GNSO response, saying that this is a matter for incorporation of policy development that would use the trademark clearinghouse.
So I just wanted to make the point here that this is completely unacceptable to us. We’re in a position as governments and administrations in implementing national law. So our advice continues to be that these names need to be protected and not subject to some policy development process that equates these names to trademarks
and brands.
That point of view seems to have translated directly into the GAC’s communique today.
The GAC statement is doubly baffling because the Red Cross and Red Crescent already enjoy protections in the new gTLD program, and the GNSO has voted to make these protections permanent.
The GAC has been pushing for protections for the Red Cross for years.
It’s a noble effort in principle, designed to help thwart fraudsters who would use the Red Cross brand to bilk money out of well-meaning internet users in the wake of human tragedies such as earthquakes and tsunamis.
The ICANN board of directors first agreed to adopt such protections in 2011, when it approved the new gTLD program.
Red Cross protections were added to the program rules then on a temporary basis, pending a formal GNSO policy on the matter.
The GNSO took a while to get there, but it formally passed a resolution in November last year that would protect a list of Red Cross organizations at both the top and second levels in the new gTLD program.
So what’s the GAC’s problem?
ICANN director Chris Disspain asked Carvell during the Tuesday GAC-board session. Carvell responded:
I’m talking about our advice with regard to protection of national entities at the second level. So, for example, British Red Cross dot whatever. That protection does not exist, and is not agreed as we understand it.
The original list of Red Cross/Red Crescent strings for which the GAC demanded protection includes strings like “redcross” and “croissant-rouge”, but it does not include strings such as “americanredcross”.
There are 189 national Red Cross organizations that are not currently protected, according to the GAC.
Why are these strings not on the list?
It appears to be because the GAC didn’t ask for such protections until March this year, six months after the GNSO concluded its PDP and close to three years after the temporary protections were originally implemented.
The GAC communique from the latest Singapore meeting (pdf) contains a request for national Red Cross organizations to be protected, but I can’t find any matching GAC advice that predates March 2014.
The GAC seems to have screwed up, in other words, by not asking for all the protections it wanted three years ago.
And now it’s apparently demanding that its new, very late demands for protection get implemented by ICANN without a PDP and with no input from any other area of the ICANN community.
The GAC spent a lot of time this week talking up the multistakeholder process, but now it seems prepared to throw the concept under a bus either in the name of expediency or to cover up the fact that it seriously dropped the ball.
Nobody can deny that its heart is in the right place, but is abandoning support for multistakeholderism really the best way to go about getting what it wants, at a time when everyone is claiming governments won’t control the newly liberated ICANN?
A million domains taken down by email checks
Over 800,000 domain names have been suspended since the beginning of the year as a result of Whois email verification rules in the new ICANN Registrar Accreditation Agreement.
That’s according to the Registrars Stakeholder Group, which collected suspension data from registrars representing about 75% of all registered gTLD domain names.
The actual number of suspended domains could be closer to a million.
The 2013 RAA requires registrars to verify the email addresses listed in their customers’ Whois records. If they don’t receive the verification, they have to suspend the domain.
The RrSG told the ICANN board in March that these checks were doing more harm than good and today Tucows CEO Elliot Noss presented, as promised, data to back up the claim.
“There have been over 800,000 domains suspended,” Noss said. “We have stories of healthcare sites that have gone down, community groups whose sites have gone down.”
“I think we can safely say millions of internet users,” he said. “Those are real people just trying to use the internet. They are our great unrepresented core constituency.”
The RrSG wants to see contrasting data from law enforcement agencies and governments — which pushed hard for Whois verification — showing that the RAA requirement has had a demonstrable benefit.
Registrars asked at the Singapore meeting in March that law enforcement agencies (LEA) be put on notice that they can’t ask for more Whois controls until they’ve provided such data and ICANN CEO Fadi Chehade said “It shall be done by London.”
Noss implied that the majority of the 800,000 suspended names belong to innocent registrants, such as those who had simply changed email addresses since registering their names.
“What was a lovely political win that we said time and time again in discussion after discussion was impractical and would provide no benefit, has demonstrably has created harm,” Noss said.
He was received with cautious support by ICANN board members.
Chair Steve Crocker wonder aloud how many of the 800,000 suspended domains are owned by bad guys, and he noted that LEA don’t appear to gather data in the way that the registrars are demanding.
“We were subjected, all of us, to heavy-duty pressure from the law enforcement community over a long period of time. We finally said, ‘Okay, we hear you and we’ll help you get this stuff implemented,'”, he added. “That creates an obligation as far as I’m concerned on their part.”
“We’re in a — at least from a moral position — in a strong position to say, ‘You must help us understand this. Otherwise, you’re not doing your part of the job'”, he said.
Chehade also seemed to support the registrars’ position that LEA needs to justify its demands and offered to take their data and concerns to the LEA and the Governmental Advisory Committee.
“They put restrictions on us that are causing harm, according to these numbers,” he said. “Let’s take this back at them and say, hey, you ask for all these things, this is what happened.”
“If you can’t tell me what good this has done, be aware not to come back and ask for more,” he said. “I’m with you on this 100%. I’m saying let’s use the great findings you seem to have a found and well-package them in a case and I will be your advocate.”
Director Mike Silber also spoke in support of the RrSG’s position.
“My view is if what you are saying is correct, the LEA’s have blown their credibility,” he said. “They’re going to have to do a lot of work before we impose similar disproportional requirements on actors that are not proven to be bad actors.”
So what does this all mean for registrants?
I don’t think there’s any ongoing process right now to get the Whois verification requirements overturned — that would require a renegotiation of the RAA — but it does seem to mean demands from governments and police are going to have to be much more substantiated in future.
Noss attempted to link the problem to the recommendations of the Whois Expert Working Group (EWG), which propose a completely revamped, centralized Whois system with much more verification and not much to benefit registrants.
To paraphrase: if email verification causes so much harm, what harms could be caused by the EWG proposal?
The EWG was not stuffed with LEA or governments, however, so it couldn’t really be characterized as another set of unreasonable demands from the same entities.
ICANN overturns new gTLD objection decision!
ICANN has overturned a Community Objection decision, allowing a .med new gTLD applicant back into the game, after a Request for Reconsideration from the applicant.
It’s the first time ICANN has overruled an objection panel during the new gTLD program and the first time in over a decade any RfR of substance has been accepted by the ICANN board of directors.
Medistry lost a CO filed by the program’s Independent Objector, Alain Pellet, back in January.
Under program rules, that should have killed off its application for .med completely.
But the company filed an RfR — ICANN’s first and cheapest appeals mechanism — claiming that Pellet acted outside his jurisdiction by filing the objection when there was not at least one informal objection from a community member on the public record.
Its case, as outlined in its RfR, was quite compelling, as I outlined in a piece in March.
Medistry argued that the International Chamber of Commerce’s panelist, Fabian von Schlabrendorff, had cited two non-existent informal community objections in his decision.
One of them literally did not exist — and von Schlabrendorff went so far as to infer its existence from its absence — while the other was “advisory” in nature and was not intended as an objection.
In March, ICANN’s Board Governance Committee accepted Medistry’s RfR on a preliminary basis, to give it more time to consider whether the IO had acted outside of the new gTLD program’s rules.
Yesterday, the BGC came to its final decision (pdf):
The BGC concludes that, based on information submitted with this Request, there is substantial and relevant evidence indicating that the Objection was inconsistent with ICANN procedures, despite the diligence and best efforts of the IO and staff. Specifically, the Requester [Medistry] has provided the BGC with uncontroverted information demonstrating that the public comments on which the Objection was based were not, in fact, in opposition to the Requester’s application. Accordingly, the BGC concludes that ICANN not consider the Expert Determination at issue and that the Requester’s Application for .MED is therefore permitted to proceed to the next stage of process in the New gTLD Program.
In other words: 1) Pellet inadvertently acted outside of his remit 2) the ICC’s ruling on the objection is simply cast aside and 3) Medistry’s application is back in the .med contention set.
The main reason this RfR succeeded while all others to date have failed is that Medistry managed to provide new information, in the form of clarifying letters from the two non-existent informal objectors, that was not originally available.
The large majority of previous RfR’s have failed because the requester has failed to bring any new evidence to the table.
The public comments from [National Association of Boards of Pharmacies] and [American Hospital Association] that were the basis for the Objection were vague and open to a number of interpretations. Given that there is substantial and uncontroverted evidence from the authors of those public comments, indicating what NABP and AHA intended, the BGC cannot ignore this information in assessing the Request or reaching its determination.
I think ICANN is going easy on the ICC and von Schlabrendorff (how can something that does not exist be “open to a number of interpretations”?) but it seems that the RfR process has in this case nevertheless been a bit of a success, overturning an extremely dodgy decision.
The .med contention set also contains HEXAP and Google.
Euro govs livid as ICANN takes .wine off ice
The new gTLD applications for .wine and .vin are now live again, raising the ire of European governments.
ICANN chair Steve Crocker has written to the European Commission, along with the governments of France, Spain and the US that the three applications are once again being processed.
That’s after a 60-day temporary freeze, ostensibly in order to give the governments more time to push applicants for geographic indicator protections, expired earlier this month.
Geographic indicators are terms such as “Champagne” and “Bordeaux” which are protected under European law — they have to be produced in those regions — but not in the US and other non-EU countries.
France is expected to point to the .wine controversy as evidence of how ICANN is deficient as an organization.
“The problem is it is totally opaque, there is no transparency at all in the process,” Axelle Lemaire, minister for digital affairs, told the Financial Times today.
France also reckons ICANN’s decision will impact transatlantic trade negotiations unrelated to the domain name industry, the FT reported.
Lemaire’s comments about transparency are odd, given that pretty much the entire debate — whether in person at ICANN meetings or through correspondence — has been put on to the public record by ICANN.
The issue seems to be rather than the ICANN process does not give national governments a means to push their agendas onto the industry unless all participating governments agree.
The Governmental Advisory Committee was unable to come to a consensus on .wine and .vin — EU states wanted strong protection for GIs, but the US, Canada and Australia disagreed.
Lacking GAC consensus, ICANN had no mandate to act on requests for individual government requests.
But when its board decided to move ahead on the new gTLDs in March, the GAC noted that its process for making the decision may have broken its bylaws.
The EC, UK, France, Spain, Italy, Portugal, Luxembourg and Switzerland then filed formal Requests for Reconsideration with ICANN, asking for the decision to be overturned.
Those RfRs were rejected by ICANN’s Board Governance Committee a month ago.
Last week Crocker wrote to governments on both sides of the debate to confirm that, with the 60 days expired and no outstanding GAC advice, .wine and .vin will proceed to contention resolution and contracting as normal.
The letters are all pretty much the same, with Crocker explaining the process to date and suggesting again that ICANN be not be the best forum for governments to hash our their disagreements over GI protections.
Crocker told (pdf) EC vice president Neelie Kroes:
should the GAC be in a position to provide any additional advice on this issue, we would welcome it. Similarly, should governments succeed in resolving these issues in other global trade fora such as the WTO [World Trade Organization] that, too, will be taken into account.
Expect the debate to continue this week at ICANN 50, the public meeting that kicked off in London yesterday.
The EU and its most-affected member states are not going to let this die.
New gTLDs now outnumber the old TLDs
There are now more 2012-round new gTLDs alive on the internet than there are legacy TLDs.
With today’s addition of five new strings, including .brussels and .surf, there are now 312 delegated new gTLDs and 308 others in the DNS root zone file.
The legacy TLD count includes the original eight gTLDs such as .com and .gov, 285 ccTLDs (including 36 IDN ccTLDs), and 15 gTLDs added by ICANN in the 2000 and 2003 rounds.
With just shy of 1.2 million domains under management (including all the registry-reserved and freebies) the new gTLD program currently accounts for about 0.4% of all registered names.
About 140 new gTLDs are in general availability. The rest have been delegated but are either in sunrise periods or pre-sunrise periods.
ICANN smacks new gTLDs for pre-sunrise auctions
Running a premium domain name auction before you’ve finished your new gTLD sunrise period is Officially Not Cool, according to ICANN’s compliance department.
People who won premium new gTLD domains in auctions that took place before sunrise periods now face the possibility of losing their names to trademark owners.
.CLUB Domains, and probably XYZ.com, operators of .club and .xyz, two of the highest-volume new gTLDs to launch so far, appear to be affected by the ICANN decision.
ICANN told .CLUB that its “winter auction“, which took place in late February, may have violated the rules about allocating or “earmarking” domains to registrants before sunrise takes place.
Meanwhile, NameJet has cancelled the auction for deals.xyz, which “sold” for $8,100 late last year, suggesting that .xyz’s pre-sunrise auction is also considered ultra vires.
ICANN told .CLUB that its auction sales “constitute earmarking” in violation of the rule stating that registries “must not allow a domain name to be allocated or registered prior to the Sunrise period”.
.CLUB had told its auction winners that a sunrise period registration would prevent them from getting the domain they wanted and that they would be refunded if a sunrise registrant emerged.
But ICANN evidently told the registry:
Irrespective of whether “[a]llocation was expressly conditioned upon any Sunrise claim,” or whether any Sunrise claim was made, the pre-selection, pre-registration or pre-designation to third parties, in this case via .Club Domains’ “winter auction,” constitutes improper allocation.
I kinda thought this would happen.
Back in November, when XYZ.com ran its first .xyz auction — about six months before its sunrise even started — CEO Daniel Negari told us he believed it was “comfortably within the rules“.
We said the auction “seems to be operating at the edge of what is permissible under the new gTLD program’s rights protection mechanisms, which state that no domains may be allocated prior to Sunrise.”
I’ve not yet been able to definitively confirm that .xyz is affected by this ICANN decision, but .club definitely is.
.CLUB Domains told its auction winners today that the names they won are now subject to a 60-day period during which they could be obtained by trademark owners.
If no trademark owner claims the name, .CLUB said it will give the auction winner a 10% rebate on their purchase price.
The email states:
We are placing the domain on hold for 60 days, during which time a Trademark Clearinghouse (TMCH) holder will have the opportunity to purchase the domain at Sunrise rates. Although, the domain is not currently in the TMCH, if a trademark holder should file in the TMCH over the next 60 days, the domain will be offered to that registrant. However, if the name is not claimed by filing in the TMCH over the next 60 days, your transaction will move forward as planned.
Although we disagree with ICANN compliance’s position on this matter, the actions we are taking are necessary to ensure that we are not offside with ICANN compliance in any way. We understand that you have been caught in the middle of this issue due to no fault of your own. Given these circumstances, we are offering you two options:
1) Should you decide to complete this transaction, we will issue you a payment of 10% of the purchase price after the transaction closes in 60 days, assuming the name is not registered by a TMCH mark holder because of the delay.
2) At any time during the 60 day period you have the option to rescind the auction bid and not purchasing the domain.
London meeting already ICANN’s second-biggest
Over 2,200 people have already registered for ICANN 50, which kicks off this coming weekend in London.
According to ICANN, that puts the upcoming meeting second only to last year’s one in Beijing, which had 3,141 pre-registrations and 2,532 eventual attendees.
London’s a pretty convenient “hub” city to fly to, but I suspect a lot of the interest might be related to the IANA transition process, which has put a new spotlight on ICANN in recent months.
ICANN has already laid on overflow viewing rooms for discussions related to the IANA topic.
The meeting officially starts with the welcome ceremony on Monday, but the work begins as usual on Saturday, when the various constituencies gather to decide what they want to moan about this time.
As usual, you don’t have to actually be in London to “attend” the meeting — there’s a full schedule of remote participation opportunities if your diary, bandwidth and time zone permits.
It’s a packed schedule as usual, and it could look overwhelming to a newbie.
A good trick is to simply follow the board of directors around on the Tuesday, when it invites each constituency into the room in turn for some passive-aggressive feedback sessions.
You’ll get a relatively concise breakdown of the top three or four issues on the mind of ICANN participants in that way, but probably not a great deal of insight into the board’s thought process.
The public forum on Thursday is also a highlight. Anyone can take to the mic to say or ask anything (relevant) they please. Comments and questions can also be submitted remotely.
For ICANN 50 the forum has actually been shortened to two hours to accommodate discussions of the IANA process, causing some in the community to question whether ICANN is trying to stifle the crazy.
Whois “killer” is a recipe for a clusterfuck
An ICANN working group has come up with a proposal to completely replace the current Whois system for all gTLDs.
Outlined in 180 recommendations spread over 166 pages (pdf), it’s designed to settle controversies over Whois that have raged for 15 years or more, in one fell swoop.
But it’s a sprawling, I’d say confusing, mess that could turn domain name registration and the process of figuring out who owns a domain name into an unnecessarily bureaucratic pain in the rear.
That’s if the proposal is ever accepted by the ICANN community, which, while it’s early days, seems like a challenge.
The Expert Working Group, which was controversially convened by ICANN president Fadi Chehade in December 2012, proposes a Registration Data Service that would ultimately replace Whois.
It’s a complex document, which basically proposes rebuilding Whois from the ground up based on ideas first explored by George Orwell, Franz Kafka and Douglas Adams.
Having read it, I’ll do my best in this post to explain what the proposed Registration Data Service seems to entail and why I think it seems like a lot of hard work for very little benefit.
I note in advance as a matter of disclosure that the RDS as proposed would very possibly disenfranchise me professionally, making it harder for me to do my job. I explain why later in this post.
I also apologize in advance for, and will correct if notified of, any errors. It’s taken me a week from its publication to read and digest the proposal and I’m still not sure it’s all sunk in.
Anyway, first:
What’s RDS?
RDS would be a centralized Whois database covering all domains in all gTLDs, new and old, operated by a single entity.
What’s in an RDS record?
Under the hood, RDS records wouldn’t look a heck of a lot different than Whois records look today, in terms of what data they store.
There would be some new optional elements, such as social media user names, but otherwise it’s pretty much the same data as we’re used to seeing in Whois records today.
The big difference is which of these elements would be visible by default to an anonymous internet user doing a regular Whois look-up somewhere.
Some fields would be “public” and some would be “gated” or hidden. Some fields would always be public and some could be toggled between public and gated by the registrant.
Gated fields would not be visible to people doing normal Whois look-ups. To see gated data, you’d need to be accredited to a certain role (cop, trademark owner, etc) and have an RDS account.
By default, much of the data about the “registrant” — including their name, physical address, country, and phone number — would be gated.
No, you’re not reading that wrong — the name of the registrant would be hidden from regular Whois users by default. Their email address, however, would be always be public.
There would also be up to six “Purpose Based Contacts” — an Admin Contact, a Legal Contact, a Technical Contact, an Abuse Contact, a Privacy/Proxy Contact and a Business Contact.
So, for example, a registrant could specify his registrar as his technical PBC and his lawyer as his legal PBC.
The admin, legal, technical and abuse contacts would be mandatory, and would default to the registrant’s own personal contact info.
A newly registered domain would not be activated in the DNS until the mandatory PBCs had been provided.
Each of these four mandatory PBCs would have different levels of disclosure for each data element.
For example, the Admin PBC would be able to hide their mailing address and phone number (both public by default) but not their name, email address or country.
The Legal PBC would not be able to opt out of having their mailing address disclosed, but the Technical and Abuse PBCs would be able to opt out of disclosing pretty much everything including their own name.
Those are just examples. Several tables starting on page 49 of the report (pdf) give all the details about which data fields would be disclosed and which could be hidden.
I think it’s expected by the EWG that most registrants would just accept the defaults and publish the same data in each PBC, in much the same way as they do today.
“This PBC approach preserves simplicity for Registrants with basic contact needs and offers additional granularity for Registrants with more extensive contact needs,” the EWG says.
Who gets the see the hidden stuff?
In order to see the hidden or “gated” elements, you’d have to be an accredited user of the centralized RDS system.
The level of access you got to the hidden data would depend on the role assigned to your RDS account.
The name of the registrant, for example, would be available to anyone with an RDS account.
If you wanted access to the registrant’s mailing address or phone number, you’d need an RDS account that accredited you for one or more of seven defined purposes:
- Domain Name Control (ie, the registrant herself)
- Domain Name Certification (ie SSL Certificate Authorities)
- Business Domain Name Purchase/Sale (anyone who says they might be interested in buying the domain in question)
- Academic/Public Interest DNS Research
- Legal Actions (eg lawyers investigating fraud or trademark infringement)
- Regulatory/Contractual Enforcement (could be ICANN-related, such as UDRP, or unrelated stuff like tax investigations)
- Criminal Investigation/DNS Abuse Mitigation
Hopefully this all makes sense so far, but it gets more complicated.
Beware of the leopard!
In today’s gTLD environment, Whois records are either stored with the registry or the registrar. You can do Whois lookups on the registrar/y’s site, or via a third-party commercial service.
As a registrant, you need only interact with your registrar. As a Whois user, you don’t need to sign up for an account anywhere, unless you want value-added services from a company such as DomainTools.
Under RDS, a whole lot of other entities start to come into play.
First, there’s RDS itself — a centralized Whois replacement.
It’s basically two databases. One contains contact details, each record containing a unique Contact ID identifier. The other database maps Contact IDs to the PBCs for each gTLD domain name.
It’s unclear who’d manage this service, but it looks like IBM is probably gunning for the contract.
Second, there would be Validators.
A Validator’s job would be to collect and validate contact information from registrants and PBCs.
While registrars and registries could also act as Validators — and the EWG envisages most registrars becoming Validators — this is essentially a new entity/role in the domain name ecosystem.
Third and Fourth, we’ve got newly created Accrediting Bodies and Accreditation Operators.
These entities would be responsible for accrediting users of the RDS system (that is, people who want to do a simple goddamn Whois lookup).
The EWG explains that an Accrediting Body “establishes membership rules, terms of service, and application and enforcement processes, etc., for a given RDS User community.”
An Accreditation Operator would “create and manage RDS User accounts, issue RDS access credentials, authenticate RDS access requests, and provide first-level abuse handling”.
Because it’s not complicated enough already, each industry (lawyers, academics, police, etc) would have their own different combination of Accrediting Bodies and Accreditation Operators.
Who benefits from all this?
The reason the EWG was set up in the first place was to try to resolve the conflict between those who think Whois accuracy should be more strictly enforced (generally law enforcement and IP owners) and those who think there should be greater registrant privacy (generally civil society types).
In the middle you’ve got the registries and registrars, who are generally resistant to anything that adds friction to their shopping carts or causes even moderate implementation costs.
The debate has been raging for years, and the EWG was told to:
1) define the purpose of collecting and maintaining gTLD registration data, and consider how to safeguard the data, and 2) provide a proposed model for managing gTLD directory services that addresses related data accuracy and access issues, while taking into account safeguards for protecting data.
So the EWG proposal could be seen as successful if a) privacy advocates are happy and b) trademark lawyers and the FBI are happy, c) registrars/ries are happy and d) Whois users are happy.
Are the privacy dudes happy?
No, they’re not.
The EWG only had one full-on privacy advocate: Stephanie Perrin, who’s a bit of a big deal when it comes to data privacy in Canada, having held senior privacy roles in public and private sectors there.
Perrin isn’t happy. Perrin thinks the RDS proposal as it stands won’t protect regular registrants’ privacy.
She wrote a Dissenting Report that seems to have been intended as an addendum to the EWG’s official report, but it was not published by the EWG or ICANN. The EWG report makes only a vague, fleeting reference, in a footnote, to the fact that the was any dissent at all.
Milton Mueller at the Internet Governance Project got his hands on it regardless and put it out there earlier this week.
Perrin disagrees with the recommendation (outlined above) that each domain name must have a Legal Contact (or Legal PBC) who is not permitted to hide their name and mailing address from public view.
She argues, quite reasonably I think, that regular registrants don’t have lawyers they can outsource this function to, which means their own name and mailing address will comprise their publicly visible Legal PBC.
This basically voids any privacy protection they’d get from having these details “gated” in the “registrant” record of the RDS. Perrin wrote:
the purpose of the gate is to screen out bad actors from harassing innocent registrants, deter identity theft, and ensure that only legitimate complaints arrive directly at the door of the registrants. It is also to protect the ability of registrants to express themselves anonymously. Placing all contact data outside the gate defeats certain aspects of having a gate in the first place.
The EWG report envisages the use of privacy/proxy services for people who don’t want their sensitive data published publicly.
But we already have privacy/proxy services today, so I’m unclear what benefit RDS brings to the table in terms of privacy protection.
It’s also worth noting that there are no circumstances under which a registrant’s email address is protected, not even from anonymous RDS queries. So there’s no question of RDS stopping Whois-based spam.
Are the trademark dudes going to be happy?
I don’t know. They do seem to be getting a better deal out of the recommendations than the other side (there were at least three intellectual property advocates on the EWG) but if you’re in the IP community the report still leaves much to be desired.
The RDS proposal would create a great big centralized repository of domain registrant information, which would probably be located in a friendly jurisdiction such as the US.
That would make tracking down miscreants a bit easier than in today’s distributed Whois environment.
RDS would also include a WhoWas service, so users can see who has historically owned domain names, and a Reverse Query service, so that users can pull up a list of all the other domains that share the same contact field(s).
Both services (commercially available via the likes of DomainTools already) would prove valuable when collating data for a UDRP complaint or cybersquatting lawsuit.
But it’s important to note that while the EWG report says all contact information should be validated, it stops short of saying that it should be authenticated.
That’s a big difference. Validation would reveal whether a mailing address actually exists, but not whether the registrant actually lives there.
You’d need authentication — something law enforcement and IP interests have been pushing for but do not seem to have received with the EWG proposal — for that.
The EWG suggests that giving registrants more control over which bits of their data are public will discourage them from providing phony contact information for Whois/RDS.
The RDS proposes a lot more carrot than stick on this count.
But if Perrin is correct that it’s a false comfort (given that your name and address will be published as Legal PBC anyway) then wouldn’t a registrant be just as motivated to call themselves Daffy Duck, or use a proxy/privacy service, as they are today?
Are the registrar dudes going to be happy?
If the EWG’s recommendations become a reality registrars could get increased friction in their sales path, depending on how disruptive it is to create a “Contact ID” and populate all the different PBCs.
I think it’s certainly going to increase demand on support channels, as customers try to figure out the new regime.
Remember, the simple requirement to click on a link in an email is causing registrants and registrars all kinds of bother, including suspended domains, under recently introduced rules.
And there’s obviously going to be a bunch of (potentially costly) up-front implementation work registrars will need to do to hook themselves into RDS and the other new entities the system relies on.
I doubt the registrars are going to wholeheartedly embrace the proposal en masse, in other words.
Is Kevin Murphy happy?
No, I’m not happy.
It bugs me, personally, that the EWG completely ignored the needs of the media in its report. It strikes me as a bit of a slap in the face.
The “media” and “bloggers” (I’m definitely in one of those categories) would be given the same rights to gated RDS data as the “general public”, under the EWG proposal.
In other words, no special privileges and no ability to access the registrant name and address fields of an RDS record.
RDS may well give somebody who owns a trademark (such as a reverse domain name hijacker or a sunrise gamer) more rights to Whois records than the New York Times or The Guardian.
That can’t be cool, can it?
Murphy, brah, why you gotta cuss in your headline?
Good question. I do use swearwords on DI occasionally, but only to annoy people who don’t like them, and usually only in posts dated April 1 or in stories that seem to deserve it.
This post is dated June 13.
I think I’ve established that the EWG’s proposal as it stands today is a pretty big overhaul of the current system and that it’s not immediately obvious how the benefits to all sides warrant the massive effort that will have to be undertaken to get RDS to replace Whois.
But the clusterfuckery is going to begin not with the implementation of the proposal, but with the attempt to pass it through the ICANN process.
The proposal has to pass through the ICANN community before becoming a reality.
The Expert Working Group has no power under the ICANN bylaws.
It was created by Chehade while he was still relatively new to the CEO’s job and did not yet appreciate how seriously community members take their established procedures for creating policy.
I think it was a pretty decent idea — getting a bunch of people in a room and persuading them to think outside the box, in an effort to find radical solutions to a a long-stagnant debate.
But that doesn’t change the fact that the EWG’s proposals don’t become law until they’ve been subject to the Generic Names Supporting Organization’s lengthy Policy Development Process.
Some GNSO members were not happy when the EWG was first announced — they thought their sovereignty was being usurped by the uppity new CEO — and they’re probably not going to be happy about some of the language the EWG has chosen to use in its final report.
The EWG said:
The proposed RDS, while not perfect, reflects carefully crafted and balanced compromises with interdependent elements that should not be separated.
…
The RDS should be adopted as a whole. Adopting some but not all of the design principles recommended herein undermines benefits for the entire ecosystem.
It’s actually quite an audacious turn of phrase for a working group with no actual authority under ICANN bylaws.
It sounds a bit like “take it or leave it”.
But there’s no chance whatsoever of the report being adopted wholesale.
It’s going into the GNSO process, where the same vested interests (IP, LEA, registry, registrar, civil society) that have kept the debate stagnant for the duration of ICANN’s existence will continue to try (and probably fail) to come to an agreement about how Whois should evolve.
Recent Comments